Standard Security Best Practices

This article describes certain standard security best practices for any Linux server and offers minimal guidelines for securing your VPS. 1oasis.net recommends these settings for protection against most common attacks.

Note

The security practices described here cannot eliminate the attacks completely. You may learn more about these in detail on the Web and enhance the security further as per your needs.

Security Practices for User Accounts

The root user has all the administrative privileges on the Server. However, if compromised or hacked, this user can pose a severe security threat. It is thus recommended to avoid its use wherever possible.

The trusted users of your VPS should have their specific user accounts, and should not make use of the root user. This will also be helpful to trace the activity logs on your Server.

With sudo (superuser do), you can delegate a limited set of administrative responsibilities to the desired users, who can only work with the commands you allow them to.